authorDarren Tucker <dtucker@zip.com.au>2013-06-02 07:31:17 +1000
committerDarren Tucker <dtucker@zip.com.au>2013-06-02 07:31:17 +1000
commita627d42e51ffa71e014d7b2d2c07118122fd3ec3 (patch)
tree7bda769de81f509e28d800916fa20abd37906d79 /ssh-agent.c
parentc7aad0058c957afeb26a3f703e8cb0eddeb62365 (diff)
- djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
Diffstat (limited to 'ssh-agent.c')
-rw-r--r--ssh-agent.c63
1 files changed, 28 insertions, 35 deletions
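--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.172 2011/06/03 01:37:40 dtucker Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.173 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -172,10 +172,9 @@ static void
 free_identity(Identity *id)
 {
  key_free(id->key);
- if (id->provider != NULL)
- xfree(id->provider);
- xfree(id->comment);
- xfree(id);
+ free(id->provider);
+ free(id->comment);
+ free(id);
 }
 
 /* return matching private key for given public key */
@@ -203,7 +202,7 @@ confirm_key(Identity *id)
  if (ask_permission("Allow use of key %s?\nKey fingerprint %s.",
  id->comment, p))
  ret = 0;
- xfree(p);
+ free(p);
 
  return (ret);
 }
@@ -230,7 +229,7 @@ process_request_identities(SocketEntry *e, int version)
  u_int blen;
  key_to_blob(id->key, &blob, &blen);
  buffer_put_string(&msg, blob, blen);
- xfree(blob);
+ free(blob);
  }
  buffer_put_cstring(&msg, id->comment);
  }
@@ -348,10 +347,9 @@ process_sign_request2(SocketEntry *e)
  buffer_append(&e->output, buffer_ptr(&msg),
  buffer_len(&msg));
  buffer_free(&msg);
- xfree(data);
- xfree(blob);
- if (signature != NULL)
- xfree(signature);
+ free(data);
+ free(blob);
+ free(signature);
  datafellows = odatafellows;
 }
 
@@ -378,7 +376,7 @@ process_remove_identity(SocketEntry *e, int version)
  case 2:
  blob = buffer_get_string(&e->request, &blen);
  key = key_from_blob(blob, blen);
- xfree(blob);
+ free(blob);
  break;
  }
  if (key != NULL) {
@@ -509,7 +507,7 @@ process_add_identity(SocketEntry *e, int version)
  cert = buffer_get_string(&e->request, &len);
  if ((k = key_from_blob(cert, len)) == NULL)
  fatal("Certificate parse failed");
- xfree(cert);
+ free(cert);
  key_add_private(k);
  buffer_get_bignum2(&e->request, k->dsa->priv_key);
  break;
@@ -520,7 +518,7 @@ process_add_identity(SocketEntry *e, int version)
  curve = buffer_get_string(&e->request, NULL);
  if (k->ecdsa_nid != key_curve_name_to_nid(curve))
  fatal("%s: curve names mismatch", __func__);
- xfree(curve);
+ free(curve);
  k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid);
  if (k->ecdsa == NULL)
  fatal("%s: EC_KEY_new_by_curve_name failed",
@@ -551,7 +549,7 @@ process_add_identity(SocketEntry *e, int version)
  cert = buffer_get_string(&e->request, &len);
  if ((k = key_from_blob(cert, len)) == NULL)
  fatal("Certificate parse failed");
- xfree(cert);
+ free(cert);
  key_add_private(k);
  if ((exponent = BN_new()) == NULL)
  fatal("%s: BN_new failed", __func__);
@@ -583,7 +581,7 @@ process_add_identity(SocketEntry *e, int version)
  cert = buffer_get_string(&e->request, &len);
  if ((k = key_from_blob(cert, len)) == NULL)
  fatal("Certificate parse failed");
- xfree(cert);
+ free(cert);
  key_add_private(k);
  buffer_get_bignum2(&e->request, k->rsa->d);
  buffer_get_bignum2(&e->request, k->rsa->iqmp);
@@ -591,11 +589,11 @@ process_add_identity(SocketEntry *e, int version)
  buffer_get_bignum2(&e->request, k->rsa->q);
  break;
  default:
- xfree(type_name);
+ free(type_name);
  buffer_clear(&e->request);
  goto send;
  }
- xfree(type_name);
+ free(type_name);
  break;
  }
  /* enable blinding */
@@ -613,7 +611,7 @@ process_add_identity(SocketEntry *e, int version)
  }
  comment = buffer_get_string(&e->request, NULL);
  if (k == NULL) {
- xfree(comment);
+ free(comment);
  goto send;
  }
  while (buffer_len(&e->request)) {
@@ -627,7 +625,7 @@ process_add_identity(SocketEntry *e, int version)
  default:
  error("process_add_identity: "
  "Unknown constraint type %d", type);
- xfree(comment);
+ free(comment);
  key_free(k);
  goto send;
  }
@@ -643,7 +641,7 @@ process_add_identity(SocketEntry *e, int version)
  tab->nentries++;
  } else {
  key_free(k);
- xfree(id->comment);
+ free(id->comment);
  }
  id->comment = comment;
  id->death = death;
@@ -665,7 +663,7 @@ process_lock_agent(SocketEntry *e, int lock)
  if (locked && !lock && strcmp(passwd, lock_passwd) == 0) {
  locked = 0;
  memset(lock_passwd, 0, strlen(lock_passwd));
- xfree(lock_passwd);
+ free(lock_passwd);
  lock_passwd = NULL;
  success = 1;
  } else if (!locked && lock) {
@@ -674,7 +672,7 @@ process_lock_agent(SocketEntry *e, int lock)
  success = 1;
  }
  memset(passwd, 0, strlen(passwd));
- xfree(passwd);
+ free(passwd);
 
  buffer_put_int(&e->output, 1);
  buffer_put_char(&e->output,
@@ -747,12 +745,9 @@ process_add_smartcard_key(SocketEntry *e)
  keys[i] = NULL;
  }
 send:
- if (pin)
- xfree(pin);
- if (provider)
- xfree(provider);
- if (keys)
- xfree(keys);
+ free(pin);
+ free(provider);
+ free(keys);
  buffer_put_int(&e->output, 1);
  buffer_put_char(&e->output,
  success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE);
@@ -768,7 +763,7 @@ process_remove_smartcard_key(SocketEntry *e)
 
  provider = buffer_get_string(&e->request, NULL);
  pin = buffer_get_string(&e->request, NULL);
- xfree(pin);
+ free(pin);
 
  for (version = 1; version < 3; version++) {
  tab = idtab_lookup(version);
@@ -786,7 +781,7 @@ process_remove_smartcard_key(SocketEntry *e)
  else
  error("process_remove_smartcard_key:"
  " pkcs11_del_provider failed");
- xfree(provider);
+ free(provider);
  buffer_put_int(&e->output, 1);
  buffer_put_char(&e->output,
  success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE);
@@ -951,10 +946,8 @@ prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, u_int *nallocp,
 
  sz = howmany(n+1, NFDBITS) * sizeof(fd_mask);
  if (*fdrp == NULL || sz > *nallocp) {
- if (*fdrp)
- xfree(*fdrp);
- if (*fdwp)
- xfree(*fdwp);
+ free(*fdrp);
+ free(*fdwp);
  *fdrp = xmalloc(sz);
  *fdwp = xmalloc(sz);
  *nallocp = sz;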
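Review bot: In process_lock_agent the wipes `memset(lock_passwd, 0, strlen(lock_passwd));` and `memset(passwd, 0, strlen(passwd));` are now immediately followed by `free()`, and a compiler that recognises `free()` as a deallocator may drop those stores as dead; that was less likely behind the `xfree()` wrapper this commit retires (presumably defined in xmalloc.c). Where the platform or compat layer provides it, a non-elidable wipe such as `explicit_bzero(lock_passwd, strlen(lock_passwd));` (and the same for `passwd`) keeps the lock passphrase from lingering in freed heap memory. The smartcard `pin` in process_add_smartcard_key and process_remove_smartcard_key is freed with no wipe at all in the visible lines, so it deserves the same treatment. All three functions start and end outside their hunks, so this is based only on the lines shown.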